From bc1801a5d7d2819dd904d3f7801f840811271bcd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Stefan=20M=C3=A4rkle?= Date: Fri, 19 May 2023 11:08:46 +0200 Subject: [PATCH] DERP & Exit-Node --- roles/headscale-server/tasks/main.yml | 22 ++++++++++++++++++++ roles/headscale-server/templates/config.yaml | 9 +++++++- 2 files changed, 30 insertions(+), 1 deletion(-) diff --git a/roles/headscale-server/tasks/main.yml b/roles/headscale-server/tasks/main.yml index 9d3e02d..4adfc02 100644 --- a/roles/headscale-server/tasks/main.yml +++ b/roles/headscale-server/tasks/main.yml @@ -1,4 +1,18 @@ --- +- name: Update APT package cache + apt: + update_cache: true + upgrade: dist + +- name: Install debian packages + apt: + name: "{{ item }}" + state: present + with_items: + - "unattended-upgrades" + - "joe" + - "fail2ban" + #- name: Download headscale .deb # get_url: # url="https://github.com/juanfont/headscale/releases/download/v0.22.3/headscale_0.22.3_linux_arm64.deb" @@ -34,3 +48,11 @@ name: headscale.service state: started enabled: true + +# Exit node: +# curl -fsSL https://pkgs.tailscale.com/stable/debian/bullseye.noarmor.gpg | sudo tee /usr/share/keyrings/tailscale-archive-keyring.gpg >/dev/null +# curl -fsSL https://pkgs.tailscale.com/stable/debian/bullseye.tailscale-keyring.list | sudo tee /etc/apt/sources.list.d/tailscale.list +# apt-get update +# apt-get install tailscale +# tailscale up --advertise-exit-node --login-server https://headscale.wolkige.abgruen.de +# diff --git a/roles/headscale-server/templates/config.yaml b/roles/headscale-server/templates/config.yaml index 8a0e421..f2d313b 100644 --- a/roles/headscale-server/templates/config.yaml +++ b/roles/headscale-server/templates/config.yaml @@ -23,7 +23,14 @@ dns_config: # DERP derp: server: - enabled: false + enabled: true + region_id: 999 + region_code: "aws-headscale-maecki" + region_name: "aws-headscale-maecki" + stun_listen_addr: "0.0.0.0:3478" + paths: [] + auto_update_enabled: false + update_frequency: 24h # DB db_type: sqlite3